The state of California has come up with a unique solution to deal with data privacy concerns of its citizens by including a “Do Not Sell My Personal Information” provision in the CCPA. This lets consumers deny or withdraw consent to businesses who might otherwise use their data for profit or research purposes.
How should businesses respond to this?
The “Do Not Sell My Personal Information” provision can be a challenge for businesses who rely heavily on monetization of data, or are completely dependent on user data. But with the appropriate amount of consideration, businesses can adjust without a severe blow to their operations.
To ensure best practices are being followed, businesses can assign a Data Protection Officer, an individual who will supervise privacy concerns of users. Having a DPO in place will strengthen the trust between the user and company, and protect the business from stark consequences of violating the CCPA.
Companies can take the following steps to prepare for the CCPA’s requirement:
- First, you need to identify whether your company falls under the CCPA’s regulatory restrictions. There’s more about the criteria for who is covered here.
- To insure transparency in the web experience, the CCPA has asked the companies to clarify a disclosure at or before the point of data collection. Companies must therefore consider the need to restructure their websites to adhere to these regulations.
- Lastly, to function smoothly even after abiding by the CCPA, a company should examine its clientele. Does it make sense to have a separate web property for California consumers? Or does it make the most sense to overhaul all company properties to be CCPA-compliant event though consumers from other states will visit? This is a business decision unique to each company, but it’s worth noting that lots of prominent companies (like Microsoft, for example) have committed to honoring the CCPA standards nationwide.
These are the steps which can be taken by the companies in order to build a reliable consent management platform so that they can function without legal hindrances from the CCPA and consumers.